Use Cloudflare SSL certificate for wildcard subdomains

Hi all,

I’m hosting a webapp on Heroku (if that matters), and I’ve created a wildcard subdomain. I’d like every subdomain to be SSL enabled/secured. To that end, I’ve created an Origin Server certificate on Cloudflare and have created the SSL setting son Heroku using the public/private keys I was provided. Unfortunately, it’s still not working and I’m not sure why. I’m getting the NET::ERR_CERT_AUTHORITY_INVALID error.

To clarify - domain DNS is managed through Cloudflare. I have a wildcare CNAME setting pointing to Heroku and I want to SSL encrypt every subdomain (it’ll likely be hundreds of subdomains, one for every user of our app).


That won’t work, as you won’t be able to proxy such a record. You’d need an Enterprise plan for that.

You need to create the hostnames individually and make sure they are proxied. As long as you have a proxied record, your setup appears to be sound. Just make sure your encryption mode is Full Strict, otherwise all the security goes out the window.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.